[
https://issues.apache.org/jira/browse/UNOMI-851?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Serge Huber updated UNOMI-851:
------------------------------
Fix Version/s: unomi-3.0.0
(was: unomi-2.7.0)
> Upgrade Elasticsearch High level REST client to 7.17.0
> ------------------------------------------------------
>
> Key: UNOMI-851
> URL: https://issues.apache.org/jira/browse/UNOMI-851
> Project: Apache Unomi
> Issue Type: Task
> Reporter: Francois Gerthoffert
> Priority: Major
> Fix For: unomi-3.0.0
>
>
> In Unomi we're using the high level rest client in version 7.4.2
> The goal of this ticket is to update it towards its latest version: 7.17.0
> Note that this version maintains the same license (Apache 2):
> https://www.elastic.co/guide/en/elasticsearch/client/java-rest/7.17/_license.html
> {code:java}
> Copyright 2013-2019 Elasticsearch
> Licensed under the Apache License, Version 2.0 (the "License"); you may not
> use this file except in compliance with the License. You may obtain a copy of
> the License at
> http://www.apache.org/licenses/LICENSE-2.0
> Unless required by applicable law or agreed to in writing, software
> distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
> WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
> License for the specific language governing permissions and limitations under
> the License.
> {code}
> This upgrade aims to address vulnerabilities in transitive dependencies
> (namely CVE-2020-28491 in jackson-dataformat which was addressed in v7.15.0
> of the client).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
